Strategic Analysis: Credential Phishing Targeting Government Contractors

Strategic Analysis: Credential Phishing Targeting Government Contractors

Threat actors are running a series of campaigns spoofing several departments of the United States government. The emails claim to request bids for government projects but lead victims to credential phishing pages instead. These campaigns have been ongoing since at least mid-2019 and were first covered in our Flash Alert in July 2019.

These advanced campaigns are well crafted, have been seen in environments protected by secure email gateways (SEGs), are very convincing, and appear to be targeted.

Download this report to learn more about evolution of the advanced campaigns including:

  • Email Contents: More Convincing, More Evasive;
  • PDF Contents: Lures Appear More Authentic;
  • Credential Phishing Page: Improved “Login” Process.



Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.